root/backend.php

Revision 2632, 16.7 kB (checked in by Andrew Dolgov <fox@madoka.spb.ru>, 2 days ago)
[project @ add function to open article summary in a popup window]

Line
1	<?php
2	error_reporting(E_ERROR \| E_WARNING \| E_PARSE);
3
4	/* remove ill effects of magic quotes */
5
6	if (get_magic_quotes_gpc()) {
7	$_GET = array_map('stripslashes', $_GET);
8	$_POST = array_map('stripslashes', $_POST);
9	$_REQUEST = array_map('stripslashes', $_REQUEST);
10	$_COOKIE = array_map('stripslashes', $_COOKIE);
11	}
12
13	require_once "sessions.php";
14	require_once "modules/backend-rpc.php";
15
16	/* if ($_GET["debug"]) {
17	define('DEFAULT_ERROR_LEVEL', E_ALL);
18	} else {
19	define('DEFAULT_ERROR_LEVEL', E_ERROR \| E_WARNING \| E_PARSE);
20	}
21
22	error_reporting(DEFAULT_ERROR_LEVEL); */
23
24	require_once "sanity_check.php";
25	require_once "config.php";
26
27	require_once "db.php";
28	require_once "db-prefs.php";
29	require_once "functions.php";
30
31	no_cache_incantation();
32
33	if (ENABLE_TRANSLATIONS == true) {
34	startup_gettext();
35	}
36
37	$script_started = getmicrotime();
38
39	$link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
40
41	if (!$link) {
42	if (DB_TYPE == "mysql") {
43	print mysql_error();
44	}
45	// PG seems to display its own errors just fine by default.
46	return;
47	}
48
49	if (DB_TYPE == "pgsql") {
50	pg_query("set client_encoding = 'UTF-8'");
51	pg_set_client_encoding("UNICODE");
52	} else {
53	if (defined('MYSQL_CHARSET') && MYSQL_CHARSET) {
54	db_query($link, "SET NAMES " . MYSQL_CHARSET);
55	// db_query($link, "SET CHARACTER SET " . MYSQL_CHARSET);
56	}
57	}
58
59	$op = $_REQUEST["op"];
60
61	$print_exec_time = false;
62
63	if ((!$op \|\| $op == "rpc" \|\| $op == "rss" \|\| $op == "view" \|\|
64	$op == "digestSend" \|\| $op == "viewfeed" \|\| $op == "publish" \|\|
65	$op == "globalUpdateFeeds") && !$_REQUEST["noxml"]) {
66	header("Content-Type: application/xml; charset=utf-8");
67
68	if (ENABLE_GZIP_OUTPUT) {
69	ob_start("ob_gzhandler");
70	}
71
72	} else {
73	if (!$_REQUEST["noxml"]) {
74	header("Content-Type: text/html; charset=utf-8");
75	} else {
76	header("Content-Type: text/plain; charset=utf-8");
77	}
78	}
79
80	if (!$op) {
81	header("Content-Type: application/xml");
82	print_error_xml(7); exit;
83	}
84
85	if (!($_SESSION["uid"] && validate_session($link)) && $op != "globalUpdateFeeds"
86	&& $op != "rss" && $op != "getUnread" && $op != "publish") {
87
88	if ($op == "rpc" \|\| $op == "viewfeed" \|\| $op == "view") {
89	print_error_xml(6); die;
90	} else {
91	print "
92	<html><body>
93	<p>Error: Not logged in.</p>
94	<script type=\"text/javascript\">
95	if (parent.window != 'undefined') {
96	parent.window.location = \"tt-rss.php\";
97	} else {
98	window.location = \"tt-rss.php\";
99	}
100	</script>
101	</body></html>
102	";
103	}
104	exit;
105	}
106
107	$purge_intervals = array(
108	0 => __("Use default"),
109	-1 => __("Never purge"),
110	5 => __("1 week old"),
111	14 => __("2 weeks old"),
112	31 => __("1 month old"),
113	60 => __("2 months old"),
114	90 => __("3 months old"));
115
116	$update_intervals = array(
117	0 => __("Default interval"),
118	-1 => __("Disable updates"),
119	15 => __("Each 15 minutes"),
120	30 => __("Each 30 minutes"),
121	60 => __("Hourly"),
122	240 => __("Each 4 hours"),
123	720 => __("Each 12 hours"),
124	1440 => __("Daily"),
125	10080 => __("Weekly"));
126
127	$update_methods = array(
128	0 => __("Default"),
129	1 => __("Magpie"),
130	2 => __("SimplePie"));
131
132	if (ENABLE_SIMPLEPIE) {
133	$update_methods[0] .= ' (SimplePie)';
134	} else {
135	$update_methods[0] .= ' (Magpie)';
136	}
137
138	$access_level_names = array(
139	0 => __("User"),
140	5 => __("Power User"),
141	10 => __("Administrator"));
142
143	require_once "modules/pref-prefs.php";
144	require_once "modules/popup-dialog.php";
145	require_once "modules/help.php";
146	require_once "modules/pref-feeds.php";
147	require_once "modules/pref-filters.php";
148	require_once "modules/pref-labels.php";
149	require_once "modules/pref-users.php";
150	require_once "modules/pref-feed-browser.php";
151
152	if (!sanity_check($link)) { return; }
153
154	switch($op) { // Select action according to $op value.
155	case "rpc":
156	// Handle remote procedure calls.
157	handle_rpc_request($link);
158	break; // rpc
159
160	case "feeds":
161	if (ENABLE_GZIP_OUTPUT) {
162	ob_start("ob_gzhandler");
163	}
164
165	$tags = $_GET["tags"];
166
167	$subop = $_GET["subop"];
168
169	switch($subop) {
170	case "catchupAll":
171	db_query($link, "UPDATE ttrss_user_entries SET
172	last_read = NOW(),unread = false WHERE owner_uid = " . $_SESSION["uid"]);
173	break;
174
175	case "collapse":
176	$cat_id = db_escape_string($_GET["cid"]);
177
178	db_query($link, "UPDATE ttrss_feed_categories SET
179	collapsed = NOT collapsed WHERE id = '$cat_id' AND owner_uid = " .
180	$_SESSION["uid"]);
181	return;
182	break;
183
184	case "catsortreset":
185	db_query($link, "UPDATE ttrss_feed_categories
186	SET order_id = 0 WHERE owner_uid = " . $_SESSION["uid"]);
187	return;
188	break;
189
190	case "catsort":
191	$corder = db_escape_string($_GET["corder"]);
192
193	$cats = split(",", $corder);
194
195	for ($i = 0; $i < count($cats); $i++) {
196	$cat_id = $cats[$i];
197
198	if ($cat_id > 0) {
199	db_query($link, "UPDATE ttrss_feed_categories
200	SET order_id = '$i' WHERE id = '$cat_id' AND
201	owner_uid = " . $_SESSION["uid"]);
202	}
203	}
204
205	return;
206	break;
207
208	}
209
210	outputFeedList($link, $tags);
211	break; // feeds
212
213	case "view":
214
215	$id = db_escape_string($_GET["id"]);
216	$feed_id = db_escape_string($_GET["feed"]);
217	$cids = split(",", db_escape_string($_GET["cids"]));
218	$mode = db_escape_string($_GET["mode"]);
219	$omode = db_escape_string($_GET["omode"]);
220
221	$csync = $_GET["csync"];
222
223	print "<reply>";
224
225	// in prefetch mode we only output requested cids, main article
226	// just gets marked as read (it already exists in client cache)
227
228	if ($mode == "") {
229	outputArticleXML($link, $id, $feed_id);
230	} else if ($mode == "zoom") {
231	outputArticleXML($link, $id, $feed_id, true, true);
232	} else {
233	catchupArticleById($link, $id, 0);
234	}
235
236	if (!$_SESSION["bw_limit"]) {
237	foreach ($cids as $cid) {
238	if ($cid) {
239	outputArticleXML($link, $cid, $feed_id, false);
240	}
241	}
242	}
243
244
245	if (get_pref($link, "SYNC_COUNTERS") \|\| ($mode == "prefetch" && $csync)) {
246	print "<counters>";
247	getAllCounters($link, $omode);
248	print "</counters>";
249	}
250
251	print "</reply>";
252	break; // view
253
254	case "viewfeed":
255
256	$print_exec_time = true;
257	$timing_info = getmicrotime();
258
259	print "<reply>";
260
261	if ($_GET["debug"]) $timing_info = print_checkpoint("0", $timing_info);
262
263	$omode = db_escape_string($_GET["omode"]);
264
265	$feed = db_escape_string($_GET["feed"]);
266	$subop = db_escape_string($_GET["subop"]);
267	$view_mode = db_escape_string($_GET["view_mode"]);
268	$limit = db_escape_string($_GET["limit"]);
269	$cat_view = db_escape_string($_GET["cat"]);
270	$next_unread_feed = db_escape_string($_GET["nuf"]);
271	$offset = db_escape_string($_GET["skip"]);
272	$vgroup_last_feed = db_escape_string($_GET["vgrlf"]);
273	$csync = $_GET["csync"];
274
275	set_pref($link, "_DEFAULT_VIEW_MODE", $view_mode);
276	set_pref($link, "_DEFAULT_VIEW_LIMIT", $limit);
277
278	if (!$cat_view && preg_match("/^[0-9][0-9]*$/", $feed)) {
279	db_query($link, "UPDATE ttrss_feeds SET last_viewed = NOW()
280	WHERE id = '$feed' AND owner_uid = ".$_SESSION["uid"]);
281	}
282
283	print "<headlines id=\"$feed\"><![CDATA[";
284
285	if ($feed == -4) {
286
287	generate_dashboard_feed($link);
288
289	} else {
290
291	$ret = outputHeadlinesList($link, $feed, $subop,
292	$view_mode, $limit, $cat_view, $next_unread_feed, $offset,
293	$vgroup_last_feed);
294
295	$topmost_article_ids = $ret[0];
296	$headlines_count = $ret[1];
297	$returned_feed = $ret[2];
298	$disable_cache = $ret[3];
299	$vgroup_last_feed = $ret[4];
300
301	print "]]></headlines>";
302
303	print "<headlines-count value=\"$headlines_count\"/>";
304	print "<vgroup-last-feed value=\"$vgroup_last_feed\"/>";
305
306	$headlines_unread = getFeedUnread($link, $returned_feed);
307
308	print "<headlines-unread value=\"$headlines_unread\"/>";
309	printf("<disable-cache value=\"%d\"/>", $disable_cache);
310
311	if ($_GET["debug"]) $timing_info = print_checkpoint("10", $timing_info);
312
313	if (is_array($topmost_article_ids) && !get_pref($link, 'COMBINED_DISPLAY_MODE') && !$_SESSION["bw_limit"]) {
314	print "<articles>";
315	foreach ($topmost_article_ids as $id) {
316	outputArticleXML($link, $id, $feed, false);
317	}
318	print "</articles>";
319	}
320	}
321
322	if ($_GET["debug"]) $timing_info = print_checkpoint("20", $timing_info);
323
324	$viewfeed_ctr_interval = 300;
325
326	if ($csync \|\| $_SESSION["bw_limit"]) {
327	$viewfeed_ctr_interval = 60;
328	}
329
330	if (get_pref($link, "SYNC_COUNTERS") \|\|
331	time() - $_SESSION["get_all_counters_stamp"] > $viewfeed_ctr_interval) {
332	print "<counters>";
333	getAllCounters($link, $omode, $feed);
334	print "</counters>";
335	}
336
337	if ($_GET["debug"]) $timing_info = print_checkpoint("30", $timing_info);
338
339	print_runtime_info($link);
340
341	print "</reply>";
342	break; // viewfeed
343
344	case "pref-feeds":
345	module_pref_feeds($link);
346	break; // pref-feeds
347
348	case "pref-filters":
349	module_pref_filters($link);
350	break; // pref-filters
351
352	case "pref-labels":
353	module_pref_labels($link);
354	break; // pref-labels
355
356	case "pref-prefs":
357	module_pref_prefs($link);
358	break; // pref-prefs
359
360	case "pref-users":
361	module_pref_users($link);
362	break; // prefs-users
363
364	case "help":
365	module_help($link);
366	break; // help
367
368	case "dlg":
369	module_popup_dialog($link);
370	break; // dlg
371
372	case "pref-pub-items":
373	module_pref_pub_items($link);
374	break; // pref-pub-items
375
376	case "globalUpdateFeeds":
377	// update feeds of all users, may be used anonymously
378
379	print "<!--";
380	// Update all feeds needing a update.
381	update_daemon_common($link, 0, true, true);
382	print " -->";
383
384	// FIXME : old feed update way. To be removed.
385	//$result = db_query($link, "SELECT id FROM ttrss_users");
386
387	//while ($line = db_fetch_assoc($result)) {
388	// $user_id = $line["id"];
389	// print "<!-- updating feeds of uid $user_id -->";
390	// update_all_feeds($link, false, $user_id);
391	//}
392
393	print "<rpc-reply>
394	<message msg=\"All feeds updated\"/>
395	</rpc-reply>";
396	break; // globalUpdateFeeds
397
398	case "user-details":
399
400	if (WEB_DEMO_MODE \|\| $_SESSION["access_level"] < 10) {
401	return;
402	}
403
404	/*
405	print "<html><head>
406	<title>Tiny Tiny RSS : User Details</title>
407	<link rel=\"stylesheet\" href=\"tt-rss.css\" type=\"text/css\">
408	<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
409	</head><body>";
410	*/
411
412	$uid = sprintf("%d", $_GET["id"]);
413
414	print "<div id=\"infoBoxTitle\">User details</div>";
415
416	print "<div class='infoBoxContents'>";
417
418	$result = db_query($link, "SELECT login,
419	".SUBSTRING_FOR_DATE."(last_login,1,16) AS last_login,
420	access_level,
421	(SELECT COUNT(int_id) FROM ttrss_user_entries
422	WHERE owner_uid = id) AS stored_articles,
423	".SUBSTRING_FOR_DATE."(created,1,16) AS created
424	FROM ttrss_users
425	WHERE id = '$uid'");
426
427	if (db_num_rows($result) == 0) {
428	print "<h1>User not found</h1>";
429	return;
430	}
431
432	// print "<h1>User Details</h1>";
433
434	$login = db_fetch_result($result, 0, "login");
435
436	// print "<h1>$login</h1>";
437
438	print "<table width='100%'>";
439
440	$last_login = date(get_pref($link, 'LONG_DATE_FORMAT'),
441	strtotime(db_fetch_result($result, 0, "last_login")));
442
443	$created = date(get_pref($link, 'LONG_DATE_FORMAT'),
444	strtotime(db_fetch_result($result, 0, "created")));
445
446	$access_level = db_fetch_result($result, 0, "access_level");
447	$stored_articles = db_fetch_result($result, 0, "stored_articles");
448
449	// print "<tr><td>Username</td><td>$login</td></tr>";
450	// print "<tr><td>Access level</td><td>$access_level</td></tr>";
451	print "<tr><td>".__('Registered')."</td><td>$created</td></tr>";
452	print "<tr><td>".__('Last logged in')."</td><td>$last_login</td></tr>";
453	print "<tr><td>".__('Stored articles')."</td><td>$stored_articles</td></tr>";
454
455	$result = db_query($link, "SELECT COUNT(id) as num_feeds FROM ttrss_feeds
456	WHERE owner_uid = '$uid'");
457
458	$num_feeds = db_fetch_result($result, 0, "num_feeds");
459
460	print "<tr><td>".__('Subscribed feeds count')."</td><td>$num_feeds</td></tr>";
461
462	/*
463	$result = db_query($link, "SELECT
464	SUM(LENGTH(content)+LENGTH(title)+LENGTH(link)+LENGTH(guid)) AS db_size
465	FROM ttrss_user_entries,ttrss_entries
466	WHERE owner_uid = '$uid' AND ref_id = id");
467
468	$db_size = round(db_fetch_result($result, 0, "db_size") / 1024);
469
470	print "<tr><td>Approx. used DB size</td><td>$db_size KBytes</td></tr>";
471	*/
472
473	print "</table>";
474
475	print "<h1>".__('Subscribed feeds')."</h1>";
476
477	$result = db_query($link, "SELECT id,title,site_url FROM ttrss_feeds
478	WHERE owner_uid = '$uid' ORDER BY title");
479
480	print "<ul class=\"userFeedList\">";
481
482	$row_class = "odd";
483
484	while ($line = db_fetch_assoc($result)) {
485
486	$icon_file = ICONS_URL."/".$line["id"].".ico";
487
488	if (file_exists($icon_file) && filesize($icon_file) > 0) {
489	$feed_icon = "<img class=\"tinyFeedIcon\" src=\"$icon_file\">";
490	} else {
491	$feed_icon = "<img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">";
492	}
493
494	print "<li class=\"$row_class\">$feed_icon <a href=\"".$line["site_url"]."\">".$line["title"]."</a></li>";
495
496	$row_class = toggleEvenOdd($row_class);
497
498	}
499
500	if (db_num_rows($result) < $num_feeds) {
501	// FIXME - add link to show ALL subscribed feeds here somewhere
502	print "<li><img
503	class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\"> ...</li>";
504	}
505
506	print "</ul>";
507
508	print "</div>";
509
510	print "<div align='center'>
511	<input type='submit' class='button'

Tiny Tiny RSS

root/backend.php